new security features in dlms/cosem - a comparison to the
TRANSCRIPT
![Page 1: New Security Features in DLMS/COSEM - a Comparison to the](https://reader033.vdocuments.us/reader033/viewer/2022042511/589edd581a28abbd498bfe2a/html5/thumbnails/1.jpg)
21.09.2015 1Stefan Hoffmann21.09.2015
New Security Features in DLMS/COSEM
A comparison to the Smart Meter Gateway
Workshop on Power Line Communications 2015
Stefan Hoffmann (HRW), Robin Massink (DNV GL), Gerd Bumiller (HRW)
21.09.2015
![Page 2: New Security Features in DLMS/COSEM - a Comparison to the](https://reader033.vdocuments.us/reader033/viewer/2022042511/589edd581a28abbd498bfe2a/html5/thumbnails/2.jpg)
21.09.2015 2Stefan Hoffmann
Initiated a
rethinking process
concerning privacy in
smart metering systems
![Page 3: New Security Features in DLMS/COSEM - a Comparison to the](https://reader033.vdocuments.us/reader033/viewer/2022042511/589edd581a28abbd498bfe2a/html5/thumbnails/3.jpg)
21.09.2015 3Stefan Hoffmann
• Green Book Version 7 (2013)
• First reaction to directive: including cryptographic methods
• Only methods of symmetric cryptography
• No proper key management possible
• Latest: Green Book Version 8 (2014)
• Security methods from Green Book 7
• Added:
• Methods of asymmetric cryptography
• Allows for establishing an authenticated and encrypted channel
• More security features
Reaction in DLMS/COSEM
![Page 4: New Security Features in DLMS/COSEM - a Comparison to the](https://reader033.vdocuments.us/reader033/viewer/2022042511/589edd581a28abbd498bfe2a/html5/thumbnails/4.jpg)
21.09.2015 4Stefan Hoffmann
Based on elliptic curve cryptography (ECC)
• Digital Signature Algorithm (DSA)
• Sign with secret key, verify signature with public key
• Diffie-Hellman key agreement (DH)
Public key infrastructure (PKI)
• Entities have certificates with their identity and public key
• Certification authority (CA) signs certificates
Key establishment in DLMS/COSEM (GB V8)
This approachis not possible
with methods ofGreen Book Version 7!
![Page 5: New Security Features in DLMS/COSEM - a Comparison to the](https://reader033.vdocuments.us/reader033/viewer/2022042511/589edd581a28abbd498bfe2a/html5/thumbnails/5.jpg)
21.09.2015 5Stefan Hoffmann
State-of-the-art methods for protected communication
• Symmetric authentication and encryption
• Advanced Encryption Standard (AES) with Galois/Counter Mode
Afterwards: using symmetric cryptography
![Page 6: New Security Features in DLMS/COSEM - a Comparison to the](https://reader033.vdocuments.us/reader033/viewer/2022042511/589edd581a28abbd498bfe2a/html5/thumbnails/6.jpg)
21.09.2015 6Stefan Hoffmann
• Second layer of cryptographic protection
• Tunneled protection for third parties
End-to-end security for third parties
![Page 7: New Security Features in DLMS/COSEM - a Comparison to the](https://reader033.vdocuments.us/reader033/viewer/2022042511/589edd581a28abbd498bfe2a/html5/thumbnails/7.jpg)
21.09.2015 7Stefan Hoffmann
The Smart Meter Gateway
-> All connections using TLS!
![Page 8: New Security Features in DLMS/COSEM - a Comparison to the](https://reader033.vdocuments.us/reader033/viewer/2022042511/589edd581a28abbd498bfe2a/html5/thumbnails/8.jpg)
21.09.2015 8Stefan Hoffmann
Comparison of cryptographic core methods
Are the NIST curves trustworthy?• Parameters defined as preimages of a secure Hash function.• An adversary would need to know a certain fraction of weak
amount of curves.• Such a fraction was not yet discovered by the public
![Page 9: New Security Features in DLMS/COSEM - a Comparison to the](https://reader033.vdocuments.us/reader033/viewer/2022042511/589edd581a28abbd498bfe2a/html5/thumbnails/9.jpg)
21.09.2015 9Stefan Hoffmann
SMGW consists of integrated security concept
• Certifyability
• PP has EAL 4+ according to Common Criteria
• National environment
• Specialised for German market
• Government agency as developer
• State-controlled root-CA
• More concrete instructions
• Key lifetimes for PKI usage
• Concrete class of random sources given
• Direct connections for external market participants
• Secure storage
• … and much more.
Security differences of SMGW „beyond cryptography“
![Page 10: New Security Features in DLMS/COSEM - a Comparison to the](https://reader033.vdocuments.us/reader033/viewer/2022042511/589edd581a28abbd498bfe2a/html5/thumbnails/10.jpg)
21.09.2015 10Stefan Hoffmann
• „Similar“ (state-of-the-art) cryptographic security from a
high-level point-of-view
• SMGW provides a holistic security concept that includes
more aspects than just pure cryptography
• High importance of Germany‘s Federal Office of
Information Security as sovereign trust anchor
• ENISA (European Network and Information Security
Agency) initiative to harmonize smart meter techniques
Concluding remarks
![Page 11: New Security Features in DLMS/COSEM - a Comparison to the](https://reader033.vdocuments.us/reader033/viewer/2022042511/589edd581a28abbd498bfe2a/html5/thumbnails/11.jpg)
21.09.2015 11Stefan Hoffmann
Thank you for your attention!
Contact:
Stefan Hoffmann
Phone: +49 208 88254-826
E-mail: [email protected]
![Page 12: New Security Features in DLMS/COSEM - a Comparison to the](https://reader033.vdocuments.us/reader033/viewer/2022042511/589edd581a28abbd498bfe2a/html5/thumbnails/12.jpg)
21.09.2015 12Stefan Hoffmann
IEEE International Symposium on Power Line
Communications and its Applications
March 20th to March 23th 2016
(new date)
Visit the website:
www.ieee-isplc.org
Coming soon: ISPLC 2016
![Page 13: New Security Features in DLMS/COSEM - a Comparison to the](https://reader033.vdocuments.us/reader033/viewer/2022042511/589edd581a28abbd498bfe2a/html5/thumbnails/13.jpg)
21.09.2015 13Stefan Hoffmann
Conference will take place at
Hochschule Ruhr West University of Applied Sciences
Bottrop, Germany
Venue
![Page 14: New Security Features in DLMS/COSEM - a Comparison to the](https://reader033.vdocuments.us/reader033/viewer/2022042511/589edd581a28abbd498bfe2a/html5/thumbnails/14.jpg)
21.09.2015 14Stefan Hoffmann
Important dates
Submission of full papers:
November 16, 2015
Notification of Acceptance:
January 15, 2016
Camera-ready papers due:
February 22, 2016
Call for Papers
![Page 15: New Security Features in DLMS/COSEM - a Comparison to the](https://reader033.vdocuments.us/reader033/viewer/2022042511/589edd581a28abbd498bfe2a/html5/thumbnails/15.jpg)
21.09.2015 15Stefan Hoffmann
Gerd Bumiller, General Chair
Hochschule Ruhr West University of Applied Sciences
Phone: +49 208 88254808
E‐mail: gerd.bumiller@hs‐ruhrwest.de
Contact informationm